Latest Releases

Gallery

Random Image

Add item with the Publish XP Wizard, instructions

Hosting Partner

InMotion Hosting provides Gallery with financial and development support, as well as an affiliate bonus for each new customer we send their way. Gallery 3 is supported out-of-the-box on their service, and their support team is knowledgable in working with Gallery 3.

Support Gallery!

Gallery is freeware!
We've spent thousands of hours developing and supporting it.
If you enjoy the product, please take a moment and make a donation to help support further development and webserver costs!

User Testimonial

"This gallery works great, I've never had any problems with it, and I love how people can upload to the gallery. A great way to share pics... I would recommend this to anyone." T.J. Muck 6/14/2004More testimonials

This is the official website of Gallery, the open source web based photo album organizer.
Gallery gives you an intuitive way to blend photo management seamlessly into your own website whether you're running a small personal site or a large community site.

As part of their support of the open source community, InMotion Hosting, a professional web hosting service provider, rolled up their sleeves and worked with the Gallery team to help with some outstanding issues with Gallery 3.

InMotion developers learned the Gallery environment and worked on five different bug fixes, getting the new code to us via GitHub pull requests. They fixed things like a PHP 5.3.13 incompatibility, a parallel upload timeout problem and more. Their fixes will all be included in the next release of Gallery 3. In addition to the development work, InMotion has also provided monetary support for the Gallery project, which we appreciate!

Now that they’ve got the hang of it, InMotion is continuing its support of Gallery via ongoing technical contributions. Maybe you know of someone else who would like to contribute?

After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have an account with edit permissions, or trick a user with edit permissions into clicking on a malicious link. In most cases, this can only lead to a possible XSS vulnerability, but in several instances it allows arbitrary PHP code execution.

We thank the following individuals for reporting these issues: Chalk, Mateusz Goik, James 'albino' Kettle, Emanuel Bronshtein, and Sergey Markov. Due to their efforts, they will each be receiving bounties of $1000 for their help in making Gallery more secure. Read our Bounties page for details and how to submit any security issues you find.

We strongly recommend that all users of Gallery 3 upgrade as soon as possible.

We're releasing both Gallery 3.0.3 and Gallery 2.3.2 as security releases. Several researchers, working independently, discovered possible encryption-related vulnerabilities. Low-risk XSS vulnerabilities limited to the administration area were also reported. We thank the following individuals for reporting these issues: James 'albino' Kettle, George Argyros & Aggelos Kiayias, and Emanuel Bronshtein. They will be receiving bounties for these issues. Read our Bounties page for details and how to submit any security issues you find. The CVE id for these issues is CVE-2012-1113.

We recommend that all users of Gallery 2 and Gallery 3 upgrade as soon as possible.